It’s clear DevSecOps is taking hold across the federal government. But like any new process, agencies must guard against the wolf in sheep’s clothing challenge–meaning calling your process DevSecOps but really following the waterfall methodology where you define the end result, require all the documentation and funding upfront and deliver capabilities every six months or every year. This means agencies need to train developer...

To protect the health and safety of attendees, all 2021 summits have been moved to a virtual platform due to COVID-19 concerns. The Official Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. These events maintain as much of the traditional tradeshow experience as possible with a...

The aerospace industry has a history of demonstrated success in helping address the impacts of air travel on the climate, yet there is mounting pressure to do more. Electric propulsion is emerging as a promising zero-emission technology to reduce emissions in the long term. We’ll discuss: What is the business imperative if carbon emissions are not reduced? How can the industry drive disruptive innovation to reduce carbon emissions? What...

As risk assessment capabilities transform through agile ways of working and artificial intelligence (AI), leveraging a dynamic and integrated risk assessment may offer far greater coverage. This approach promotes coordination across the three lines, effective resourcing and investments, and cognitive risk monitoring and continuous assurance. We’ll discuss: Leading practices to elevate risk assessment across the enterprise Opportunities t...

The White House has made Zero Trust a cornerstone of federal cybersecurity efforts, setting clear agency goals with the May Executive Order and more recently seeking comment on a maturity model, technical reference architecture and formal federal Zero Trust strategy.That push portends dramatic changes for federal IT, but it aligns perfectly with the steps government agencies must take to ensure their data and systems are protected against incr...

Zero Trust is an integral part of the federal government's strategy to bolster cybersecurity in the face of increasingly aggressive and resourceful attackers, infiltrators and hackers. Understanding how to implement the strategy and a supporting platform across an enterprise can be daunting, however, as agencies move to the cloud and away from VPNs and other more traditional systems. Understanding how those pieces of enterprise networks play t...

The AFERM Summit Planning Committee is actively planning another stellar set of presentations for this year’s 14th Annual ERM Summit Training Event. This year’s Summit Planning Chair is Marianne Roth at CFPB and the Co-Chair is Mike Batlogg at SEC. Join your fellow ERM practitioners at the 2021 AFERM Virtual Summit Training to explore this year’s theme “ERM in a Changing World” online on October 26-27, 2021. Addit...

Understand the laws and regulations that apply to government contractors with hourly service workers. The Service Contract Labor Standards (SCLS/SCA) are one of the most challenging requirements for contractors with federal service contracts, from award competition to successful contract administration. This course is designed to help you understand the laws and regulations that apply to government contractors with hourly service workers and a...

Briefing Summary: Security operations centers (SOC) are the backbone of the cybersecurity industry providing defense, mitigation, and incident response against risks and attacks. However, SOCs are often criticized as ineffective, and one of the most frequently asked questions about SOC performance is “how to measure SOC effectiveness?” While mean time to resolution (MTTR) is the standard measure of effectiveness, this high-level me...

Far too often, agencies, organizations, and consulting firms are running data and AI projects without taking the right steps to ensure their success. Agile and iterative approaches have become adopted best practices for application development projects, but why don’t we have something similar when it comes to advanced analytics, big data, and AI projects? Without using best-practices approaches that standardize steps for data preparation...